CertusNet Inc has explored the issues existing in IP networks that are obstructing the delivery
of services that meet the users' expectations of quality and cost. From simple data transfer
services, such as financial transactions, to new media streaming services such as IPTV there
are impediments in all domains of the IP network that act independently to downgrade the user
experience. These problems are also apparent to corporations where 80% of employees now work in
a location outside the headquarters network. CertusNet has developed a plan to resolve these
issues in a way that crosses all domains and delivers the user a satisfactory experience.
IP networks were originally conceived as best-effort networks, with a complex matrix of application
traffic and unpredictable routing and traffic changes over time. However, they
have become the critical infrastructure that businesses rely upon for operations, particularly
for e-commerce, financial transactions and the entertainment industry. IP networks
are handling higher volumes of sensitive and distributed applications than ever before, and demand
will continue to grow. The users' experience will get worse as inevitable performance degradation
occurs, and critical network services are threatened as malicious attacks cause even more problems.
Furthermore, a considerable amount of enterprise application software still in use was written with
the intent of working in a small LAN environment. Now it is expected to be used across the WAN where
its performance is severely compromised; there is a need to extend LAN based Quality of Service (QoS) across the WAN.
To solve these problems, much attention has been paid to the way network infrastructure must
evolve to meet the challenges of delivering a high quality experience for VoIP, video, and the emerging Service Oriented Architecture. But the pressures of these sensitive new applications underline a major challenge in traffic control: how to meet the need for satisfactory application delivery despite the fact that IP is simply not predictable in the way TDM networks are.
The good news is that due to advances in QoS, buffering and other technologies, IP networks can be counted on to deliver high quality for sensitive applications such as streaming video and VoIP. However, this simple fact can mask the difficulty of managing networks that have a complex matrix of application traffic. Given the unpredictable nature of both routing and traffic changes over time, it is a real challenge to control traffic in an IP network to ensure a high level of application performance.
Problem Summary
- IP networks are best effort with unpredictable routing and traffic changes over time.
- IP network is made up of multiple isolated domains with no cross domain control.
- Complexity is increasing to support new services.
- Maintenance through human intervention is no longer viable.
- Static path selection based on isolated network segments causes poor QoS and QoE for users.
- Critical application needs for streaming media are not considered, particularly for new services: VoIP, video, IPTV.
By far the majority of Internet Services reside on servers located in Data Centers where the issues
of providing good service are particularly acute. The growing number of appliances and their complex
interrelationships has caused a burst of complexity in the appliance world of datacenters. Data
flows must pass through an entire set of appliances between the boundary router and the server,
and server room racks are full of boxes from different vendors, each with associated cabling,
unique management interfaces, and different behaviors during system incidents and failures.
New functions, such as intrusion detection and wide area network (WAN) optimization, have to
be combined with existing firewalls, virtual private network (VPN) tunnel terminators and
gateways, and load balancers. Unanticipated failure modes, such as congestion, DDoS/Intrusion
attacks, link failures, power outages, device failures, or human errors can create problems that
quickly overwhelm the diagnostic expertise of a data center's network operations center.
Due to the increasing complexity and quantity of both computing equipment and software, the task
of datacenter management cannot be performed manually. In fact, a substantial percentage of network
problems, especially many of the most painful ones, are self-inflicted. They result from manual
management and changes made to network configurations: authorized, unauthorized, poorly implemented
or involving unforeseen and very damaging consequences. The growing operational complexity, accelerating
rates of change, and evolution of network technology make reliable, error-free manual change management
essentially impossible. Also, traditional resolution techniques meant network operations were reactive.
Automated solutions must therefore be used to continuously control traffic and manage services
from the total perspective of server to end user, with guaranteed SLAs and minimized costs.
Loss of revenue and productivity due to inaccessible services is $330,000 per hour for data
center operations, according to the Meta Group, and $6.5 million per hour for brokerage house
operations, according to an SRC report. In addition, there is a growing liability problem from
service interruption. On top of lost productivity, data centers can pay more than $250,000 per
occurrence when they don't perform according to their Service Level Agreement (SLA).
Additionally, in a modern data center, prohibitive power bills and vast heat generation have
become a serious operational problem. Data centers are consuming as much power as a small city.
Problem Summary
- Exploding growth in services and complexity.
- A history of band-aid fixes from multiple vendors with different management systems.
- Complex product interactions that create extended outages, which are solved today by overprovisioning bandwidth or hiring additional employees.
- Static server load control limits workload migration and consolidation across sites and clusters for Disaster Recovery (DR) and power saving.
- Service outage carries high Service Level Agreement penalties and liabilities.
- Data centers are consuming as much power as a small city.
- High peering costs and poor performance.
- Pure DNS based site selection causes high cost and poor performance.
- Manual management cannot automatically adapt to traffic and service changes.
- Critical operations need continuous traffic balancing, automatic restoration and proactive traffic protection.
Figure 1
All of the above issues are present today and solutions are needed immediately as new social networking
and entertainment services are adding performance sensitive loads to the Internet. It is no longer just
a tool to communicate or search for information; it is becoming a lifestyle platform. As a consequence,
new data centers are being built on a scale never seen before, some housing one million servers and consuming
as much power as a small city. The traditional Internet best effort attempt to communicate is becoming
intolerable to users. Figure 1 summarizes the issues being faced by data centers today.
CertusNet Solution
The answer to these challenges is to utilize application aware, automatic, end-to-end traffic and service
control for the paths or routes that those flows travel as they move across the network. CertusNet
is applying its patent pending Active Flow Technology to bring control and fault tolerance to IP
networks in order to match the quality and reliability of TDM networks. We can automatically "tune"
the network to optimize application performance. Particularly for data center networks, CertusNet
is developing the ability to adapt quickly to changing loads, attacks, failures and other performance
factors for traffic balancing and automatic restoration. Figure 2 summarizes what CertusNet will
achieve with Active Flow Technology.
Consequently this is the area where CertusNet's initial focus will be. A simple view of the network
between a user (client) and the server is shown in Figure 3 below.
A client application located at an outside autonomous system sends a request to an application
server inside the data center, and gets the response back from the server. The "end-to-end" application
level performance refers mainly to the performance of the response sent back from the server to the
client. The performance of incoming requests is not usually a concern to data center operators. An outgoing
response can go by any one of multiple routes inside the data center to reach the edge router and also has
a choice of which ISP uplink on which to exit.
From Figure 3 it is clear how the different domains relate to each other. There is the Server Network
domain where services are hosted on behalf of the service owner, the Internal Network domain owned by
the data center, the Peering Point domain where connection is made to the selected ISP and the
External Network domain that has multiple owners between the ISP and the client.
Figure 2
Figure 3
By understanding end-to-end flows CertusNet provides much greater insight into service delivery
than simply collecting generic interface bandwidth statistics via SNMP, because a flow can be
correlated to a service. Flow-based traffic control provides a new and far more useful picture
of network and service behavior that helps IT departments ensure that their networks are adequately
engineered to deliver a complex, challenging matrix of application traffic to meet various SLAs.
We are not just monitoring the network from end-to-end; we take action to control and guide
traffic through the network from server to user with satisfactory performance and cost. The
goal is to ensure an optimized, secure transport of data and application functions between
the user and the server.
Summary
CertusNet is implementing an end-to-end traffic and service control solution that best utilizes
all route choices available through awareness of route performance, application needs, user
perception of quality and cost to the service provider. CertusNet's end-to-end solution is
from the server in the data center to the end user across the network. This entails interfacing
to many different platforms across multiple domains using standard interfaces such as external
network to end user, BGP for ISP peering, Netflow for Cisco routers and VMware's published API.
CertusNet's product can be applied in multiple distinct application areas. Besides datacenters,
we believe that there are potential users of our technology in many market sectors, including ISPs,
financial institutions, enterprise, e-commerce, government, military and educational facilities.
No competitor can match that. Our product does not go in-line with traffic and it does not need
forklift network upgrades such as synchronization or new protocols. The value of our product
can be very high in certain applications and can often deliver multiple values simultaneously.